This message was meant for the bug itself as well (instead of the wrongly written package address).
-------- Original Message --------
Subject: Re: [Bug-freedink] Bug#694260: freedink: Stack corruption
Date: Mon, 03 Dec 2012 10:02:23 +0100
From: Bas Wijnen <wij...@debian.org>
Organization: Debian
To: Luiji Maryo <lu...@users.sourceforge.net>, cont...@bugs.debian.org, sdl-mixer...@bugs.debian.org

reassign 694260 sdl-mixer1.2 1.2.12-3
thanks

Hello SDL maintainers,

I'm usually hesitant to assign a bug to a library, because it often
happens that the actual bug is in the calling code. This is even more
likely with freedink, which originates from code with lots of bugs.
However, in this case I think I really did hit a bug in the library. If
you disagree, feel free to assign it back of course.

Unfortunately, I am unable to create a slim test-case to trigger the
bug. The problem is "stack smashing", which means that there is a
buffer overflow on the stack. This is caught with gcc's stack protector
(a fortify feature), which checks a guard variable when a function with
arrays on the stack returns. Therefore the function from the backtrace
is the one which owns the overflowed array, but it may or may not be the
one which overflows it.

I attached a file which can be used to trigger this bug. If you want to
see it, you need to follow these steps:

1. install the freedink package.
2. unpack the attached midibug.tar.gz.
3. run "freedink -w -g midibug".

The midi file that causes the problem is midibug/sound/10.mid

If you have any questions, don't hesitate to ask.

Thanks,
Bas

On 03-12-12 00:55, Luiji Maryo wrote:
> You should probably send that MIDI file to the SDL_Mixer developers as
> well so that they can look over it for something that would cause this
> type of fault.
>
>
> On Sun, Dec 2, 2012 at 2:20 PM, Bas Wijnen <wij...@debian.org
> <mailto:wij...@debian.org>> wrote:
>
>     Hi,
>
>     What I have found out so far:
>
>     - It crashes when it makes the call to play the midi file.
>     - It doesn't crash when 20.mid is not present, nor when it is replaced
>     by a different midi file. (even though 20.mid plays without a problem
>     with timidity).
>
>     However, a really slim test case with only calls to make that file play
>     is not enough to make it crash.
>
>     Thanks,
>     Bas
>
>     On 02-12-12 20:01, Sylvain wrote:
>     > Additional info :
>     >
>     > - No crash when run with '-s' (no sound), so looks like this comes
>     > from SDL_Mixer indeed.
>     >
>     > - I think I tested this D-Mod already during the FreeDink development,
>     > as I remembered it was a good test case for "bug-compatibility"
>     > (ahem), albeit maybe only the Lava part.
>     >
>     > - Sylvain
>     >
>     > On Sun, Dec 02, 2012 at 06:39:40PM +0000, Sylvain wrote:
>     >> Hi,
>     >>
>     >> According to the backtrace, it looks like it's in the SDL_mixer
>     >> thread indeed.
>     >>
>     >> Cheers!
>     >> Sylvain
>     >>
>     >> On Sat, Dec 01, 2012 at 12:38:17AM +0100, Bas Wijnen wrote:
>     >>> After a lot of debugging, the problem seems to be in libSDL instead. If
>     >>> I manage to get a simple test program triggering the bug, I'll report it
>     >>> there and close this bug. Until I do, I'll leave it open on freedink,
>     >>> because I'm still not entirely sure.
>     >>>
>     >>> Thanks,
>     >>> Bas
>     >>>
>     >>> On 24-11-12 21:08, Bas Wijnen wrote:
>     >>>> Package: freedink
>     >>>> Version: 1.08.2012042
>     >>>>
>     >>>> The dmod "Eternal suicide" is full of bugs which are nicely handled by
>     >>>> the engine (and which don't really affect gameplay). However, there is
>     >>>> one problem which causes the engine to abort with the attached message.
>     >>>> I'm having trouble debugging this, as there is no mention of what really
>     >>>> is the problem, except that some fortify check fails.
>     >>>>
>     >>>> I attached a save file with which you can reproduce it. It brings you in
>     >>>> front of a cave. Enter it and it crashes.
>     >>>>
>     >>>> Thanks,
>     >>>> Bas
>
>     _______________________________________________
>     Bug-freedink mailing list
>     bug-freed...@gnu.org <mailto:bug-freed...@gnu.org>
>     https://lists.gnu.org/mailman/listinfo/bug-freedink
>
>
> --
> - Luiji Maryo
> mail: lu...@users.sourceforge.net <mailto:lu...@users.sourceforge.net>
> blog: http://brainboyblogger.blogspot.com/
> corp: http://www.entertainingsoftware.com/
> fun: http://www.secretmaryo.org/

midibug.tar.gz
Description: GNU Zip compressed data
signature.asc
Description: OpenPGP digital signature
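
The message above notes that the guard check fires in the function that owns the array, when that function returns, while the overflowing write may happen in other code. The following is an added example, not part of the original thread and not freedink or SDL_mixer code. It models a protected frame as a struct (array followed by a guard word) so the effect can be observed without aborting; `struct frame`, `fill`, `owner` and the guard constant are hypothetical names and values.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Model of a protected stack frame: a local array followed by a guard word. */
struct frame {
    char     buf[8];
    uint64_t guard;
};

/* Constructed value; a real guard is chosen randomly at process start. */
#define GUARD_VALUE 0x00c0ffee0badf00dULL

/* Hypothetical callee: copies n bytes and never asks how big dst is.
 * The defect is here, but nothing is checked at the time of the write. */
static void fill(char *dst, const char *src, size_t n)
{
    memcpy(dst, src, n);
}

/* Owner of the array. The guard is compared only on the way out, so a
 * backtrace taken at the failed check names this function, not fill().
 * Returns 0 if the guard is intact, 1 if the check would abort here. */
int owner(const char *input, size_t n)
{
    struct frame f;
    f.guard = GUARD_VALUE;
    if (n > sizeof f)
        n = sizeof f;              /* keep the model inside the struct */
    fill((char *)&f, input, n);    /* the write happens in the callee */
    return f.guard != GUARD_VALUE; /* the detection happens in the owner */
}

int main(void)
{
    /* Constructed inputs: 8 bytes fit in buf, 12 bytes spill into the guard. */
    printf("8 bytes:  check %s\n", owner("AAAAAAAA", 8) ? "fails" : "passes");
    printf("12 bytes: check %s\n", owner("AAAAAAAAAAAA", 12) ? "fails" : "passes");
    return 0;
}
```

When triaging a real report like this one, the frame named in the backtrace tells you which array was overwritten; finding the writer means auditing everything that receives a pointer to that array.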